If you’re an Android user, you’ll want to steer clear of a popular Android app that recently began serving up malware to unsuspecting users. The app in question is called CamScanner; it has been around for nearly a decade and has accumulated well over 100 million downloads. The app itself is fairly simple: it offers OCR capabilities and can convert scanned documents into PDFs.
Security researchers from Kaspersky first noticed something was amiss following app updates that rolled out in June and July of this year. Interestingly enough, malware wasn’t found in versions of the app that users downloaded in August.
According to Kaspersky researchers, the malware in question may “show intrusive ads and sign users up for paid subscriptions.” Upon being made aware of the issue, Google promptly removed the CamScanner app from the Google Play store. Needless to say, if you previously downloaded the app, you’ll want to delete it immediately.
As Kaspersky notes, the troubling aspect of this saga is that even seemingly reliable apps that have been safe to use for years can become problematic out of the blue.
What we can learn from this story is that any app — even one from an official store, even one with a good reputation, and even one with millions of positive reviews and a big, loyal user base — can turn into malware overnight. Every app is just one update away from a major change.
Indeed, the problem reportedly started once CamScanner began using a third-party advertising module that contained a Trojan Dropper. In short, the malware was found to execute code from other malicious modules that were inconspicuously downloaded to user devices.